Intelligent server routing

ABSTRACT

The present application relates to methods and systems for intelligently routing requests to one of a plurality of redundant servers. The methods and systems route the requests to a most highly ranked redundant server. The redundant servers are dynamically rank according to ranking information, wherein the ranking information may include server performance information, server response information, next step performance information, next step response information, historic information and other like information. Next step response information and next step performance information corresponds to information pertaining to servers the plurality of redundant servers depend upon. The methods and systems may further randomly re-rank the plurality of redundant servers. The methods and systems may further re-route unprocessed requests meeting non-performance criteria.

This application claims the benefit of U.S. Provisional Application No.61/092,242, filed Aug. 27, 2008, incorporated herein by reference in itsentirety.

TECHNICAL FIELD

The present disclosure generally relates to methods and/or systems forselecting one of a plurality of redundant servers providing on-lineservices over a telecommunications network. Particular application isfound in connection with systems that provide authentication supportand/or other payment processing solutions for e-commerce and/or liketransactions conducted over a telecommunications network, e.g., such asthe Internet. However, it is to be appreciated that the presentlydisclosed subject matter is equally amenable to other like applicationsand/or environments.

BACKGROUND

Internet commerce, or e-commerce as it is otherwise known, relates tothe buying and selling of products and/or services between consumers andmerchants over the Internet or other like transactional exchanges ofinformation. The convenience and availability of shopping over theInternet has sparked considerable interest in e-commerce on behalf ofboth consumers and merchants. This increased interest in e-commerce has,in turn, sparked an increase in network traffic and an increase in thenumber of requests e-commerce services must address. To handle thisincrease in requests, e-commerce services generally route requests for aservice between a plurality of redundant servers. This reduces theresponse times for requests and/or the load of any single server. Asshould be appreciated, this has the added advantage of providingredundancy in the event of server failure, whereby an e-commerce servicemay employ a plurality of redundant servers irrespective of the numberof requests. Such redundant servers may, for example, be located atgeographically disparate locations, so as to protect against localizedfailures. Unfortunately, heretofore, the routing of requests between theplurality of servers has been, in a sense, “dumb.”

Namely, traditional routing systems for routing requests between aplurality of redundant servers generally route requests to redundantservers and forget about them; they have no ability to re-route arequest should the server a request was routed to prove to benon-performant. For example, if a request is assigned to anon-performant server, notwithstanding that the server appears to beperformant, the request will eventually fail by way of timeout or simplybe addressed by the non-performant server in a suboptimal amount oftime. Accordingly, it would be advantageous to have a routing systemthat monitors whether requests have been processed and re-routes therequests after certain non-performance criteria have been met.

Additionally, some traditional routing systems may include an internalranking of redundant servers based largely upon a historic bias, wherebythe rankings may be slow to change. For example, consider a ranking onthe basis of the average response time of 1000 response timemeasurements. Adding another measurement is going to affect the averageresponse time in a minimalistic way. However, server failure issues mayarise unexpectedly, whereby internal rankings according to the foregoingranking scheme would be slow to adapt. Similarly, if servers are rankedwith a historic bias according to some performance criteria, such asresponse time, and the most highly ranked server has a strong historicbias of performance, internal rankings according to the foregoingranking scheme would be less likely to try another server that may havehigher performance than the most highly ranked server at the presenttime. Accordingly, it would be advantageous to have a routing systemthat periodically re-ranks servers in a random order, so as to reset anyhistoric bias that may have accrued.

What's more, other traditional routing systems generally fail to look atthe substance of responses to requests. Namely, other routing systemsare generally content to look at response times. However, suchapproaches fail to account for server failures in which the server isnot entirely non-performant. For example, consider a web server in whichan internal database server from which it depends crashed. If routingweb requests to the web server, the response time of the server may beexcellent; however, the server may be returning error messages that lacksubstance responsive to a request. Accordingly, it would be advantageousto have a routing system that is able to examine responses fromredundant servers to determine whether the redundant servers areoperating properly and returning proper responses.

Moreover, other traditional routing systems generally fail to take intoaccount the dependencies between redundant servers and other servers,and only monitor the redundant servers. However, each redundant servermay include at least one server from which it depends. Naturally, ifthere is failure of any of the at least one server from which aredundant server depends, the redundant server will fail, whereby arequest to the redundant server will fail. Consider, for example, aperformant directory server dependent upon a nonperformantauthentication server. Traditional routing systems may determine thedirectory server is sufficiently performant to route requests to,notwithstanding that it is returning bad responses or not returningresponses at all. Accordingly, it would be advantageous to have arouting system that not only monitors the redundant servers, but alsoexamines the servers from which the redundant servers depend.

Notwithstanding performance issues, traditional routing systemsgenerally lack means to detect whether the reason for non-performance ofa redundant server is due to fraud or simply system failure. However,this poses a problem given that increased interest in e-commerce has ledto more and more stories emerge regarding identity theft and cybercrime, which has, in turn, led to a deterioration of consumer confidencein the security of their personal information. Naturally, a reduction inconsumer confidence leads to fewer e-commerce transaction because thewillingness of consumers to purchase goods and/or serviceselectronically is inversely proportional to the apprehension they mayhave about the safety of their personal information. Accordingly, itwould be advantageous to have a routing system that includes means todetect whether the reason for non-performance of a server is due tofraud or simply system failure.

Supplemental to the foregoing, one area in which an intelligent serverrouter finds particular application is for certain authenticationinitiatives, such as Visa's Verified by Visa (VbV) initiative. Therein,directory servers are employed in connection with processing transactionauthentication requests. Naturally, if a directory server fails,transactions cannot be completed, whereby merchants, banks, credit cardcompanies, etc. lose out on revenue. Accordingly, it is common for aplurality of directory servers to be available to a requestor, wherebyit is generally desirable to select the directory server providing theoptimal response time and/or performance.

FIG. 1 illustrates one such exemplary authentication initiative. Asshown in this example, a consumer/cardholder 10, e.g., employing asuitable web browser or the like, is making an on-line purchase, e.g.,over the Internet, from a merchant 20. As is known in the art, theillustrated back-end payment processing chain includes an optionalpayment gateway 30, the merchant's financial institution or acquiringbank 32, the credit card network 34 and the issuing bank 36.

At a point of checkout, the consumer 10 selects an appropriate paymentmethod based on the initiatives supported by the merchant 20. At thispoint, the consumer fills out the on-line checkout form including apayment option, card number, expiration date, etc. Based on the paymentinformation, the merchant 20, via a plug-in 22 installed on theirserver, passes a verify enrollment request (VEReq) message to adirectory 38 on a server, e.g., suitably operated by the credit cardnetwork 34. The directory 38 includes a database associatingparticipating merchants with their acquiring banks and a databaseassociating card number ranges with locations or addresses, e.g.,universal resource locator (URL) addresses, of issuing banks'authentication servers, e.g., the authentication server 40 for issuingbank 36. The VEReq message is a request to verify the enrollment of thecard in the authentication program, and it contains the card numberprovided by the consumer 10.

Based on the card number range stored within the directory, the VEReqmessage will be sent to the appropriate URL address for the server 40which returns to the merchant 20 via the directory 38 a responsethereto, i.e., a verify enrollment response (VERes). That is to say, theserver 40 will verify the enrollment status of the card and respond witha VERes message to the directory 38 which is then passed back to themerchant's plug-in component 22.

Based on the VERes message (i.e., if positive), the merchant plug-incomponent 22 will redirect the cardholder's browser to the server 40 bypassing it a payer authentication request (PAReq) message generated bythe merchant's plug-in component 22. The consumer 10 then completes anauthentication process directly with the server 40. The authenticationserver 40 authenticates the consumer/cardholder 10 and responds to themerchant 20 with a payer authentication response (PARes) messageincluding a digital signature. The merchant's plug-in component 22validates the digital signature of the PARes and extracts theauthentication status and other specified data that is to be used by themerchant 20 during the payment authorization process carried out via theback-end payment processing chain. For example, the merchant 20 sends anauthorization/sale transaction to their payment gateway 30 along withthe data elements received from the PARes. The payment gateway 30 routesthe data to the acquiring bank 32 based on the acquirer's specification.The acquiring bank 32 then sends the data via the appropriate creditcard network 34 to the issuing bank 36 for settlement.

The present invention contemplates a new and improved system and/ormethod which overcomes the above-referenced problems and others.

INCORPORATION BY REFERENCE

The disclosure of U.S. Pat. No. 7,051,002 for “Universal MerchantPlatform for Payment Authentication,” by Keresman, III et al., filedJun. 12, 2003, is hereby incorporated herein in its entirety.

BRIEF DESCRIPTION

In accordance with one aspect of the present application, a computerimplemented method for routing requests to one of a plurality ofredundant servers is provided. The plurality of redundant serversprovides services over a communications network. The method includesreceiving a request via the communications network and selecting ahighest ranked redundant server from the plurality of redundant serversfor the request. The highest ranked redundant server is selectedaccording to an intelligent server selection engine that dynamicallyranks the plurality of redundant servers according to rankinginformation. The ranking information includes server performanceinformation and server response information. The method further includesrouting the request to the highest ranked redundant server.

In accordance with another aspect of the present application, anintelligent server router for routing requests to one of a plurality ofredundant servers is provided. The plurality of redundant serversprovides services over a communications network. The system includes anintelligent server selection engine provisioned to dynamically rank theplurality of redundant servers according to ranking information. Theranking information includes server performance information and serverresponse information. The intelligent server selection engine furtherselects a highest ranked redundant server from the plurality ofredundant servers according to the ranking of the plurality of redundantservers. The system further includes a real-time analysis engineprovisioned to determine unprocessed requests meeting non-performancecriteria and update a highest ranked redundant server for each of thedetermined unprocessed requests. Unprocessed requests are requests whichhave not been processed by highest ranked redundant servers assigned bythe intelligent server selection engine. The system further includes arouting engine provisioned to receive the requests and route each of therequests to one of the plurality of redundant servers. The one of theplurality of redundant servers is a highest ranked redundant serverdetermined by the intelligent server selection engine. The routingengine is further provisioned to re-route requests to highest rankedredundant servers updated by the real-time analysis engine.

In accordance with another aspect of the present application, a computerimplemented method for supporting authentication processing of acommercial transaction conducted over a communications network between afirst party and a second party is provided. The commercial transactionuses one of a plurality of different payment instrument types belongingto different payment networks. The plurality of different paymentinstrument types have different authentication protocols prescribedtherefor by their respective payment networks. The method includesobtaining payment information from the first party according to aunified message format, wherein he first party received the paymentinformation from the second party. The payment information includes apayment instrument identifying the one of the plurality of differentpayment instrument types. The method further includes selecting one ofat least one directory server associated with the one of the pluralityof different payment instrument types. Each of the at least onedirectory server is ranked according to an intelligent server selectionengine that dynamically ranks the at least one directory serveraccording to ranking information. The ranking information includesserver performance information and server response information. The oneof the at least one directory server is a highest ranked directoryserver. The method further includes routing the payment instrument tothe selected directory server according to a message format of the oneof the plurality of different payment instrument types. The selecteddirectory server routes the payment instrument to an authenticationserver associated with the payment instrument. The method furtherincludes obtaining an enrollment determination of the payment instrumentfrom the selected directory server. The selected direct server receivesthe enrollment determination of the payment instrument from theauthentication server.

BRIEF DESCRIPTION OF THE DRAWINGS

The presently disclosed subject matter may take form in variouscomponents and arrangements of components, and in various steps andarrangements of steps. The drawings are only for purposes ofillustrating preferred embodiments and are not to be construed aslimiting. Further, it is to be appreciated that the drawings are not toscale.

FIG. 1 is a block diagram illustrating a typical e-commerce transactioncarried out in accordance with an exemplary authenticationinitiative/program of a credit a card network;

FIG. 2 is a block diagram illustrating an exemplary intelligent serverrouter in accordance with aspects of the present invention;

FIG. 3 is a high level overview of an exemplary system in which theexemplary intelligent server router of FIG. 2 finds particularapplication.

DETAILED DESCRIPTION

For clarity and simplicity, the present specification shall refer tostructural and/or functional network elements, entities and/orfacilities, relevant standards, protocols and/or services, and othercomponents that are commonly known in the art without further detailedexplanation as to their configuration or operation except to the extentthe same has been modified or altered in accordance with and/or toaccommodate aspects of the present invention.

The presently disclosed inventive system and/or method essentiallyserves to monitor the performance of various redundant servers used forprocessing requests for a service, such as those for on-line servicesand/or databases. In one exemplary embodiment, the inventive system isapplied to directory servers, such as the ones operated by Visa for VbV.Suitably, the system, by assigning different limit variables ascriteria, monitors and analyzes various types of information, and basedon the information received, dynamically ranks the servers. Themonitored information includes, for example, server performanceinformation, server response information, next step performanceinformation, next step response information, historic information, andother like information. In the case of next step performance informationand next step response information, ranking for a server can be reducedif the server forwards to a next step server that is relatively orsufficiently non-performant. Further, at periodic intervals the rankingis randomly shuffled with an optional historic bias and re-ranked. Asshould be appreciated, the dynamic ranking in this manner assures highavailability of the service, while the random shuffling assures the bestperformance of the service.

A further feature of the inventive subject matter adds the capability todetermine if non-performance of a server is due to a system failure orintentional (e.g., fraudulent) behavior. For example, using an automatedsystem and/or method, test requests can be tracked through redundantservers and/or next step servers, and the results returned can be usedto determine if requests that are being returned unanswered, or thatdon't return at all, can be deemed as the result of poor performance ofthe given server or as the result of fraud.

With reference to FIG. 2, an exemplary intelligent server router 200 isprovided. The intelligent server router 200 includes a routing engine202, an intelligent server selection engine 204, a real-time analysisengine 206, and rankings 208. As should be appreciated, the componentsof the intelligent server router 200 may be localized to a singlecomputing system, or distributed across a plurality of computing systemsinterconnected by a communications network, such as the Internet. Theintelligent server selection engine 204 includes a server performancemodule 212, a next step performance module 214, an initial rankingmodule 216, a server response module 218, a next step response module220, an entropy module 222, a history module 224, and an other module226. Similar to the main components comprising the intelligent serverrouter 200, the components of the intelligent server selection engine204 may be localized to a single computing system, or distributed acrossa plurality of computing systems interconnected by a communicationsnetwork. The intelligent server router 200 is further connected to adatabase 210, a plurality of servers 228, optionally, a plurality ofnext step servers 230 by way of the plurality of servers 228, and,optionally, a data collection engine 232. The database 210, theplurality of servers 228, the plurality of next step servers 230 and thedata collection engine 232 are connected to the intelligent serverrouter 200 by way of communications network, such as the Internet.

The plurality of servers 228 correspond to redundant servers for ane-commerce service, such as a web server. In other words, each of theplurality of servers 228 is provisioned to perform the same task as theother servers of the plurality of servers 228. The plurality of nextstep servers 230 correspond to servers from which the plurality ofservers 228 depend. Prior to the deployment of the intelligent serverrouter 200, the operator predefines the plurality of servers 228, theplurality of next step servers 230, and the dependencies between theplurality of servers 228 and the plurality of next step servers 228.Alternatively, a server operator may undergo a registration process withthe intelligent server router 200, wherein the server operator registersthe server as one of the plurality of servers 228 and provides the nextstep servers from which the server depends.

The routing engine 202 of the intelligent server router 200 receivesrequests via a communications network, such as the internet. A requestmay be a web request, an authentication request, an ftp request, or anyother like request. Further, a request may be received from a typicalhome user browsing the internet, an e-commerce merchant, such as Amazon,or any other like party. More generally, as the skilled artisan willappreciate, communications networks, such as the Internet, generallywork on the basis of a client/server model. Under such a model, a clientsends a request to a server, and the server responds to the request. Thepresent invention seeks to address these requests. Accordingly, theintelligent server router 200 might, for example, receive a web requestfor the Amazon home page, wherein there is a plurality of serversavailable to address the web request, such as the plurality of servers228.

After receiving a request, the routing engine 202 notifies theintelligent server selection engine 204, and requests the identity ofone of the plurality of servers 228. Preferably, the intelligent serverselection engine 204 selects a server from the plurality of servers 228that will achieve the best performance for the requester. Theintelligent server selection engine 204 accomplishes this with a dynamicranking of the plurality of servers on the basis of performance. Thisdynamic ranking is exemplified in the rankings 208 of the intelligentserver router 200. As should be appreciated, the rankings 208 may bestored internal to the intelligent server selection engine 204, internalto the broader intelligent server router 200, or as part of the database210. However, regardless of how the rankings 208 are stored, andassuming this ranking 208 to be up to date, the intelligent selectionengine 204 need only select the most highly ranked server from theplurality of servers 228. Thereafter, the intelligent server selectionengine 204 returns the selected server to the routing engine 202.

The intelligent server selection engine 204 ranks the plurality ofservers 228 according to ranking information stored in the database 210.The ranking information may include server performance information,server response information, next step performance information, nextstep response information, historic information, and other likeinformation. The database 210 may be internal to the intelligent serverrouter 200 or external to the intelligent server router 200 andconnected by way of a communications network. Further, the database 210may be a traditional database such as a database provided by MySQL,MSSQL, Oracle, Microsoft Access, or other like database, or it maysimply be a data structure stored within the memory of one of one ormore computer systems comprising the intelligent server router 200. Aswill be discussed in more detail below, the ranking information ispreferably populated by the data collection engine 232. However, as willbecome clear, the servers to which the ranking information correspondsmay also populate the ranking information. Alternatively, the variousmodules of the intelligent server selection engine 204, discussed below,can be provisioned to collect the ranking information.

The intelligent server selection engine 204 includes a serverperformance module 212, a next step performance module 214, an initialranking module 216, a server response module 218, a next step responsemodule 220, an entropy module 222, a history module 224, and an othermodule 226. The initial ranking module 216 serves to initialize therankings 208 of the plurality of servers 228. This may be as simple asrandomly ranking the plurality of servers 228 or ranking the pluralityof servers 228 in a predefined order. The operator of the serverselection engine 200 may set the predefined order. Additionally, thepredefined order may, for example, be stored in the database 210 orembedded within the initial ranking module 216. Alternatively, theinitial ranking module 216 may rank the plurality of servers 228 on thebasis of the geographic location of the plurality of servers 228,whereby servers located closer to the intelligent server router 200 areranked higher than servers that are farther from the intelligent serverrouter 200.

The server performance module 212 is provisioned to analyze serverperformance information for the plurality of servers 228 in the database210 and provide a ranking of the plurality of servers 228. The serverperformance information includes information such as response times torequests, CPU load, memory usage, disk usage, and other like informationbearing on the performance of a server. The server performance module212 may provide the ranking through the use of different limit variablesoperative to provide a numerical representation of the serverperformance information. For example, although grossly simplified,server performance information for a server indicating a memory usageover 80% might receive a 1, whereas server performance information foranother server indicating a memory usage under 80% might receive a 0. Inthis way, the server performance information for the plurality ofservers 228 can be converted to numerical representation. After all ofthe relevant performance information has been analyzed, and converted toa numerical representation, the plurality of servers 228 can be rankedaccording to the summation of the numerical representations of theirrespective performance information. As should be appreciated, the limitvariables may be predefined by the operator of the intelligent serverrouter.

The server response module 218 is provisioned to analyze server responseinformation for the plurality of servers 228 in the database 210 andprovide a ranking of the plurality of servers 228. The server responseinformation includes responses to requests returned by the plurality ofservers 228 and other like information. Analyzing this informationadvantageously allows the intelligent server router 200 to take intoaccount servers which have not completely failed, but are not returningproper responses. For example, in the context of web servers, instead ofreturning a merchant home page, a web server is returning a 404 errordue to an internal disk failure. Similar to the server performancemodule 212, the server response module 218 may provide the rankingthrough the use of different limit variables operative to provide anumerical representation of the server response information. Forexample, server response information indicating success might receive a1, whereas server response information for a server indicating that theserver is only responding with error messages might receive a 0.Thereafter, the plurality of servers 228 can be ranked in a similarmanner discussed in the server performance module 212, wherein theplurality of servers 228 are ranked according to the summation of thenumerical representations of their respective response information.Further, the limit variables may be predefined by the operator of theintelligent routing system.

The next step performance module 214 is provisioned to do much the samething as the server performance module 212, with the exception that itis ranking the plurality of servers 228 on the bases of performanceinformation for the plurality next step servers 230. That is to say, thenext step performance module 214 is provisioned to analyze serverperformance information for the plurality of next servers 230 in thedatabase 210 and provide a ranking of the plurality of servers 228. Theplurality of next step servers 230 correspond to servers from which theplurality of servers 228 depend, such that in processing a request, theplurality of servers 228 have the step of submitting a next step requestto the plurality of next step servers 230, wherein the response to thenext step request is used to respond to the request. As should beappreciated, each of the plurality of servers 228 may depend upon adifferent subset of the plurality of next step servers 230. For example,server 1 of the plurality of servers 228 may only depend upon next stepserver 1 of the plurality of next step servers 230, and server 2 of theplurality of servers 228 may only depend upon next step server 2 of theplurality of next step servers 230.

Similar to the server performance information, the next step performanceinformation includes information such as response times to next steprequests, CPU load, memory usage, disk usage, and other like informationbearing on the performance of a server. The next step performance module214 may provide the ranking of the plurality of servers 228 through theuse of different limit variables operative to provide a numericalrepresentation of the next step performance information. In this way,the next step performance information for the plurality of next stepservers 230 can be converted to numerical representation. After all ofthe relevant next step performance information has been analyzed, andconverted to a numerical representation, the plurality of servers 228can be ranked according to the summation of the numericalrepresentations of next step performance information of their respectivenext step servers. As should be appreciated, this provides a usefulranking of the plurality of servers 228 because the plurality of nextstep servers 230 directly affects the performance of the plurality ofservers 228. Further, the limit variables may be predefined by theoperator of the intelligent server router 200.

The next step response module 220 is provisioned to do much the samething as the server response module 218, with the exception that it isranking the plurality of servers 228 on the bases of the plurality nextstep servers 230. That is to say, the next step response module 220 isprovisioned to analyze next step response information for the pluralityof next step servers 230 in the database 210 and provide a ranking ofthe plurality of servers 228. The next step response informationincludes responses to next step requests, which are returned by theplurality of next step servers 230. The next step response informationmay further include other like information. Analyzing this informationadvantageously allows the intelligent server router 200 to take intoaccount next step servers which have not completely failed, but are notreturning proper responses. Naturally, because the plurality of servers228 depend from the plurality of next step servers 230, failure of theplurality of next step servers 230 will directly affect the plurality ofservers 228 depending therefrom. Similar to the next step performancemodule 214, the next step response module 220 provides the rankingthrough the use of different limit variables operative to provide anumerical representation of the next step response information.Thereafter, the plurality of servers 228 can be ranked in a similarmanner discussed in the next step performance module 214, wherein theplurality of servers 228 can be ranked according to the summation of thenumerical representations of next step response information of theirrespective next step servers. Further, the limit variables may bepredefined by the operator of the intelligent routing system.

The history module 224, as its name would suggest, is provisioned toanalyze historic information for the plurality of servers 228 in thedatabase 210 and provide a ranking of the plurality of servers 228. Thehistoric information may include previous rankings, server performanceinformation, server response information, next step performanceinformation, next step response information, and other like information.The history module 224 may provide the ranking through the use ofdifferent limit variables operative to provide a numericalrepresentation of archived server performance information, serverresponse information, next step performance information, next stepresponse information, and other like information. Alternatively, thehistory module 224 may provide the ranking through the use of previousrankings, wherein a numerical representation of the historic informationwill already exist. Thereafter, the plurality of servers 228 can beranked in the same way described in connection with the serverperformance module 212, next step performance module 214, serverresponse module 218, and next step response module 220. Further, asshould be appreciated, the limit variables may be predefined by theoperator of the intelligent server router 200.

With the forgoing rankings from the various modules, the intelligentserver selection engine 204 globally ranks the plurality of servers 228,thereby defining the rankings 208. This may manifest as taking theweighted summation of the rankings from the server performance module212, next step performance modules 214, server response module 218, andnext step response module 220. The other module 226 may further beprovisioned to provide a ranking of the plurality of servers 228,whereby the weighted summation could further include the other module226. The operator of the intelligent server router 200 may determine theweights for each ranking, such that the operator can, for example,choose to give more weight to the rankings generated by the serverperformance module 212 than the rankings generated by the next stepperformance module 214. Further, as should be appreciated, the serverperformance module 212, next step performance modules 214, serverresponse module 218, next step response module 220, and, optionally, theother module 226 may be provisioned to update their rankings overdifferent periods of time, whereby the server performance module 212may, for example, update more frequently than the next step responsemodule 220. The operator of the intelligent routing system 200 mayadvantageously set these periods. The global rankings are preferablyupdated whenever one of the server performance module 212, next stepperformance modules 214, server response module 218, next step responsemodule 220 update, and, optionally, the other module 226 updates.

Notwithstanding the forgoing ranking scheme of the intelligent serverselection engine 204, the skilled artisan will appreciate that thepresent invention is equally amenable to other ranking schemes. Forexample, instead of the server performance module 212, next stepperformance modules 214, server response module 218, next step responsemodule 220, and, optionally, the other module 226 returning rankings,said modules may simply return the numerical representations of theirrespective information, whereby the intelligent server selection engine204 would generate the rankings 208 of the plurality of servers 228 onthe basis of the weighted summation of the numerical representations ofthe information corresponding to each of the plurality of servers 228.

The entropy module 222 of the intelligent server selection engine 204 isprovisioned to periodically re-rank the rankings 208 of the plurality ofservers 228 in random order. Alternatively, the entropy module 222 maysimply reverse the order of the rankings 208. As should be appreciated,this advantageously removes any historic bias that may have accrued overtime and ensures that servers that have typically underperformed areperiodically reconsidered in case the performance issues have beenresolved. The operator of the intelligent server router 200 may definethe period of the re-ranking. For example, every day the rankings 208 ofthe plurality of servers 228 may be re-ranked. Further, notwithstandingthat too much historic bias is a negative, the re-ranking may alsoinclude a historic bias which is preferably in moderation.

The routing engine 202, in conjunction with the server response module218 and the next step response 220 module, can further be provisioned todetermine if non-performance is due to a system failure or intentional(e.g., fraudulent) behavior. Namely, the routing engine 202 can generatetest requests, and the server response module 218 and the next stepresponse module 220 can track the requests through the system.Naturally, since the responses to the test requests should be known, acomparison can be made between the known responses and the actualresponses at both the server response module 218 and the next stepresponse module 220. If the responses don't match, there is a chancethat there is fraudulent activity at play. Accordingly, the next stepresponse module 220 and/or the server response module 218 can flag aquestionable server so as to, for example, disable it until the operatorof the intelligent router system 200 can investigate.

After receiving the identity of one of the plurality of servers 228 fromthe intelligent server selection engine 204, the routing engine 202routes the request to the identified server. Thereafter, the serverwhich received the request will ideally process and respond to therequest in an optimal amount time, wherein the response will be routedback through the routing engine 202 to the requester. However,regardless of the sophistication of the ranking systems, the intelligentserver selection engine 204 is still fallible due to the generallyunforeseeable nature of system failures. For example, although theidentified server might have had high performance when the request wasrouted to it, the identified server may suffer a system crash beforeresponding to the request.

The real-time analysis engine 206 monitors unprocessed requests, and isprovisioned to notify the routing engine 202 to re-route the request ifcertain non-performance criteria are met. The routing engine 202 wouldthen request the identity of another server from the plurality ofservers 228 from the intelligent server selection engine 204 andre-route the request as described above. Such non-performance criteriamay, for example, be based upon wait time, wherein requests that haveremained unprocessed for a certain amount of time will be re-routed. Thenon-performance criteria may be predefined by the operator of theintelligent server router 200, or may be adaptive. For example, duringpeak demand for an electronic service, an optimal response time might be100 ms, whereas an optimal response time during off time might be 10 ms.The performance criteria may change depending upon the time of day. Thereal-time analysis engine 206 can further be provisioned to notify theintelligent server selection engine 204 of the non-performance of thenon-performant server. In response, the intelligent server selectionengine 204 could, for example, disable the non-performant server.

The intelligent server router 200 optionally includes the datacollection engine 232. The data collection engine 210 may be internal tothe intelligent server router 200 or external to the intelligent serverrouter 200 (as shown in FIG. 2) and connected by way of a communicationsnetwork. The data collection engine 232 collects the rankinginformation, i.e., the server performance information, the next stepperformance information, the server response information, the next stepresponse information, the historic information, and other likeinformation, used by the intelligent server selection engine 204 to rankthe plurality of servers 228. Thereafter, the data collection engine 232stores the collected information in the database 210. Alternatively, thedatabase 210 may be updated with the ranking information without the useof the data collection engine 232. In such an embodiment, the pluralityof servers 228 and/or the next step servers 230 populate the rankinginformation. In yet another alternative embodiment, the various modules,discussed above, of the intelligent server selection engine 204 areprovisioned to collect their respective ranking information. Forexample, the server performance module 212 may be provisioned to collectserver performance information from the plurality of servers 228.However, regardless of the approaches discussed above, the skilledartisan will appreciate that, for the present invention, it matters nothow the information is collected; rather, it only matters that theinformation is available.

With reference to FIG. 3, an exemplary system making use of theintelligent server router 200 of FIG. 2 is illustrated. Particularly,the exemplary system illustrates the use of the intelligent serverrouter 200 with certain authentication initiatives, such as Visa'sVerified by Visa (VbV) initiative. Therein, directory servers areemployed in connection with processing transaction authenticationrequests. The system includes a plurality of consumers 302, a merchant304, a universal merchant platform 306, an intelligent directory serverrouter 308, a database 310, a plurality of directory servers 314, aplurality of authentication servers 312, a payment gateway 316, anacquiring bank 318, a credit card network 320, an issuing bank 322 and adata collection engine 324. Preferably, the foregoing components areconnected via a communications network, such as the Internet.

The plurality of consumers 302 will generally be the average web usersbrowsing the internet on their home computers with a standard webbrowser, e.g., Firefox. However, the plurality of consumers 302 may alsotake other forms, such as, but not limited to, governments and companiesacting through their employees. The merchant 304 generally refers to theaverage electronic retailer with an internet website operative to allowthe consumer 302 to purchase goods and/or services electronically, e.g.,Amazon or CDW. The database 310, the data collection engine 324 and theintelligent server router 308 are attributed the same meaning as thedatabase 210 of FIG. 2, the data collection engine 232 of FIG. 2, andthe intelligent server router 200 of FIG. 2, respectively.

Tracking the flow of a transaction within the system 300 of FIG. 3, thetransaction begins with one of the plurality of consumers 302, e.g.,consumer 1. As is commonly known, a consumer generally browses a websiteof a merchant 304 and adds items to purchase into a shopping cart. Oncethe consumer has finished browsing the website, the consumer has theoption to view the items within their shopping cart and checkout. If theconsumer chooses to checkout, the consumer selects an appropriatepayment method based on the initiatives supported by the merchant 304.That is to say, the consumer selects one of a plurality of differentpayment instrument types supported by the merchant 304. As should beappreciated, the plurality of different payment instrument typesgenerally belong to different payment networks, wherein the plurality ofdifferent payment instrument types have different authenticationprotocols prescribed therefor by their respective payment networks. Atthat point, the consumer generally fills out an on-line checkout form,which typically includes fields to enter a payment option, a cardnumber, an expiration date, etc. Hereinafter, this information will becollectively referred to as the transaction information or the paymentinformation. Further, it should be appreciated that the transactioninformation identifies a payment instrument, such as a Visa credit card.

After the consumer 302 finishes entering the transaction information,the transaction information is sent to the merchant 304. Thereafter, themerchant 304 may choose to take the appropriate steps to process thetransaction itself. Under this option, the merchant 304 will handle theauthorizing and capturing of funds to complete the transaction. Further,in the case of authentication payment initiatives, the merchant 304 willinterface with directory servers and authentication servers. However, incontrast with the traditional approach, the merchant 304 of the presentinvention will interface with the directory servers via the intelligentserver router 308. Alternatively the merchant 304 may choose to forwardthe transaction information to the universal merchant platform 306,wherein the universal merchant platform 306 will finish processing thetransaction. This communication with the universal merchant platform 306is conducted using a unified message format. The following discussionpresupposes this embodiment. However, it should be appreciated thatshould the former embodiment be chosen, it will simply be the merchant304 communicating with the intelligent server router 308, and not theuniversal merchant platform 306.

For detailed information regarding the universal merchant platform 306,refer to U.S. Pat. No. 7,051,002 for “Universal Merchant Platform forPayment Authentication,” incorporated herein by reference. However,generally, the universal merchant platform serves as a centralizedmerchant processing system for authenticated payments, allowing amerchant to securely and easily accommodate authentication of consumersand/or cardholders in accordance with a variety of authenticationinitiatives implemented by credit card networks, and to processelectronic transactions through any payment network using a singleplatform. It also enables merchants to process these payments,regardless of which payment network they are to be routed through, witha single implementation. Moreover, it allows them or a funding source touse the established underlying payment processing infrastructure toprocess their credit/debit instruments at participating merchant sites.

The advantages to funding sources are: the ability to authenticate usersand process all electronic transactions through a single platform; theability to seamlessly process payments using any given payment network,a reduction in processing costs; increased use of their credit/debitinstrument; increased acceptance of their credit/debit instrument; theability to send authenticated payment and authorization requests to anynetwork; the ability to receive detailed consumer purchasing behaviorstatistics. Likewise, there are advantages to the merchant, including,but not limited to: the ability to comply with, participate in, andenjoy the benefits of a variety of authentication initiatives; theability to authenticate consumers using different payment vehicles orcredit cards, thereby avoiding lost sales; and, protection from fraud.

Assuming the universal merchant platform 306 is used, after theuniversal merchant platform 306 receives the transaction information,the universal merchant platform 306 will typically seek to verify theenrollment of the selected payment instrument within an authenticationinitiative. Normally, this manifests with the universal merchantplatform 306 submitting an enrollment request directly to a directoryserver, such as any one of the plurality of directory servers 314. Theuniversal merchant platform 306 generates the enrollment requestaccording to a message format prescribed by payment instrument type towhich the payment instrument corresponds. The enrollment requestincludes information identifying the payment instrument of thetransaction information, such as the card number. However, utilizing theintelligent server router 308 of the present invention, the enrollmentrequest is submit to the intelligent server router 308. Therein, theintelligent server router 308 determines a directory server from theplurality of directory servers 314, as outlined above in connection withFIG. 2. As should be recalled, the intelligent server router 308 willmaintain a dynamic ranking of the plurality of directory servers 314.Once a directory server is determined, the intelligent server router 308routes the enrollment request the determined directory server. Thiscould be, for example, directory server 1 of the plurality of directoryservers 314.

After the determined directory server receives the enrollment request,the directory server looks to a database associating card number rangeswith locations or addresses, e.g., universal resource locator (URL)addresses, of issuing banks' authentication servers, e.g., theauthentication server for issuing bank. As should be appreciated, anissuing bank refers to the bank that issued the payment instrument(e.g., the credit card). Thereafter, the enrollment request is sent tothe authentication server of the issuer of payment method selected bythe consumer. This authentication server is represented as one of theplurality of authentication servers 312, e.g., authentication server 1.The authentication server will then verify that the selected paymentinstrument is enrolled in an authentication initiative. If the selectedpayment instrument is enrolled, the authentication server returns a URLto the directory server. The URL corresponds to a URL for the consumerto authenticate directly with the authentication server. Alternatively,if the selected payment instrument is not enrolled, the authenticationserver returns a message to that effect to the directory server. Once,the directory server receives the response to the enrollment request,the directory server returns the enrollment response to the universalmerchant platform 306 by way of the intelligent server router 308.

The universal merchant platform 306 then does one of at least twothings: it proceeds with authentication or it proceeds to authorize andcapture the funds for the transaction. Under the latter option, forexample, the universal merchant platform sends an authorization/capturemessage to the payment gateway 316. The payment gateway 316 routes thedata to the acquiring bank 318 based on the acquirer's specification.The acquiring bank 318 then sends the data via the appropriate creditcard network 320 to the issuing bank 322 for settlement. The skilledartisan will understand this process to be well known in the art,whereby the forgoing merely exemplifies one method of authorizing andcapturing funds. Under the former option, the universal merchantplatform 306 generates an authentication request, which it provides tothe merchant 304. The universal merchant platform 306 further providesthe merchant 304 with the URL of the authentication server. The merchant304 then provides the consumer with the authentication request andredirects the consumer to the URL of the authentication server. Once atthe authentication server, the consumer submits the authenticationrequest to the authentication server and directly authenticates with theauthentication server.

After the consumer finishes with the authentication server, anauthentication response message is returned to the merchant 304 by wayof the consumer. Thereafter, the merchant 304 provides the universalmerchant platform 306 with the authentication response from theauthentication server. If the authentication response yields asuccessful authentication, the universal merchant platform 306 completesthe transaction. Namely, the universal merchant platform 306 sends anauthorization/capture message to the payment gateway 316. The paymentgateway 316 routes the data to the acquiring bank 318 based on theacquirer's specification. The acquiring bank 318 then sends the data viathe appropriate credit card network 320 to the issuing bank 322 forsettlement. The skilled artisan will understand this process to be wellknown in the art. Alternatively, if the authentication response failedto yield a successful authentication, the universal merchant platform306 instructs the merchant 304 of the failure, whereby the merchant 304can prompt the consumer to select an alternative payment method.

It is to be appreciated that suitably, the methods and systems describedherein are embodied by a computer, or other digital processing deviceincluding a digital processor, such as a microprocessor,microcontroller, graphic processing unit (GPU), etc. and storage. Inother embodiments, the systems and methods may be embodied by a serverincluding a digital processor and including or having access to digitaldata storage, such server being suitably accessed via the Internet or alocal area network, or by a personal data assistant (PDA) including adigital processor and digital data storage, or so forth. The computer orother digital processing device suitably includes or is operativelyconnected with one or more user input devices, such as a keyboard, forreceiving user input, and further includes, or is operatively connectedwith, one or more display devices. In other embodiments, the input forcontrolling the methods and systems is received from another programrunning previously to or concurrently with the methods and systems onthe computer, or from a network connection, or so forth. Similarly, inother embodiments the output may serve as input to another programrunning subsequent to or concurrently with methods and systems on thecomputer, or may be transmitted via a network connection, or so forth.

In some embodiments, the exemplary methods, discussed above, the systememploying the same, and so forth, of the present application areembodied by a storage medium storing instructions executable (forexample, by a digital processor) to implement the exemplary methodsand/or systems. The storage medium may include, for example: a magneticdisk or other magnetic storage medium; an optical disk or other opticalstorage medium; a random access memory (RAM), read-only memory (ROM), orother electronic memory device or chip or set of operativelyinterconnected chips; an Internet server from which the storedinstructions may be retrieved via the Internet or a local area network;or so forth.

It is to further be appreciated that in connection with the particularexemplary embodiments presented herein certain structural and/orfunctional features are described as being incorporated in definedelements and/or components. However, it is contemplated that thesefeatures may, to the same or similar benefit, also likewise beincorporated in other elements and/or components where appropriate. Itis also to be appreciated that different aspects of the exemplaryembodiments may be selectively employed as appropriate to achieve otheralternate embodiments suited for desired applications, the otheralternate embodiments thereby realizing the respective advantages of theaspects incorporated therein.

It is also to be appreciated that particular elements or componentsdescribed herein may have their functionality suitably implemented viahardware, software, firmware or a combination thereof. Additionally, itis to be appreciated that certain elements described herein asincorporated together may under suitable circumstances be stand-aloneelements or otherwise divided. Similarly, a plurality of particularfunctions described as being carried out by one particular element maybe carried out by a plurality of distinct elements acting independentlyto carry out individual functions, or certain individual functions maybe split-up and carried out by a plurality of distinct elements actingin concert. Alternately, some elements or components otherwise describedand/or shown herein as distinct from one another may be physically orfunctionally combined where appropriate.

In short, the present specification has been set forth with reference topreferred embodiments. Obviously, modifications and alterations willoccur to others upon reading and understanding the presentspecification. It is intended that the invention be construed asincluding all such modifications and alterations insofar as they comewithin the scope of the appended claims or the equivalents thereof. Thatis to say, it will be appreciated that various of the above-disclosedand other features and functions, or alternatives thereof, may bedesirably combined into many other different systems or applications,and also that various presently unforeseen or unanticipatedalternatives, modifications, variations or improvements therein may besubsequently made by those skilled in the art which are similarlyintended to be encompassed by the following claims.

1. A computer implemented method for routing requests to one of aplurality of redundant servers, wherein the plurality of redundantservers provides services over a communications network, said methodcomprising: receiving a request via the communications network;selecting a highest ranked redundant server from the plurality ofredundant servers for the request, wherein the highest ranked redundantserver is selected according to an intelligent server selection enginethat dynamically ranks the plurality of redundant servers according toranking information, wherein the ranking information includes serverperformance information and server response information; and routing therequest to the highest ranked redundant server.
 2. The computerimplemented method of claim 1, further comprising: determiningunprocessed requests meeting non-performance criteria, whereinunprocessed requests are requests which have not been processed by thecorresponding highest ranked redundant server; updating the highestranked redundant server for each of the determined unprocessed requests;and re-routing each unprocessed request to the highest ranked redundantserver.
 3. The computer implemented method of claim 1, wherein theintelligent server selection engine periodically re-ranks the pluralityof redundant servers in random order.
 4. The computer implemented methodof claim 3, wherein the plurality of redundant servers are periodicallyre-ranked with a historic bias.
 5. The computer implemented method ofclaim 1, wherein the requests are received from a universal merchantplatform.
 6. The computer implemented method of claim 1, wherein theplurality of redundant servers are directory servers for authenticationinitiatives.
 7. The computer implemented method of claim 1, wherein theranking information further includes historic information, next stepperformance information, and next step response information.
 8. Thecomputer implemented method of claim 1, wherein the ranking informationincludes next step performance information, wherein the next stepperformance information includes information pertaining to servers whichthe plurality of redundant servers depend upon.
 9. The computerimplemented method of claim 1, wherein the request is a test request todiagnose issues of nonperformance.
 10. An intelligent server router forrouting requests to one of a plurality of redundant servers, wherein theplurality of redundant servers provides services over a communicationsnetwork, said system comprising: an intelligent server selection engineprovisioned to dynamically rank the plurality of redundant serversaccording to ranking information, wherein the ranking informationincludes server performance information and server response information,wherein the intelligent server selection engine further selects ahighest ranked redundant server from the plurality of redundant serversaccording to the ranking of the plurality of redundant servers; areal-time analysis engine provisioned to determine unprocessed requestsmeeting non-performance criteria and update a highest ranked redundantserver for each of the determined unprocessed requests, whereinunprocessed requests are requests which have not been processed byhighest ranked redundant servers assigned by the intelligent serverselection engine; and a routing engine provisioned to receive therequests and route each of the requests to one of the plurality ofredundant servers, wherein the one of the plurality of redundant serversis a highest ranked redundant server determined by the intelligentserver selection engine, wherein the routing engine is furtherprovisioned to re-route requests to highest ranked redundant serversupdated by the real-time analysis engine.
 11. The intelligent serverrouter of claim 10, further comprising: a data collection engineprovisioned to collect ranking information from the plurality ofredundant servers and/or a plurality of next step servers from which theplurality of redundant servers depend.
 12. The intelligent server routerof claim 10, wherein the intelligent server selection engineperiodically re-ranks the plurality of redundant servers in randomorder.
 13. The method of claim 10, wherein the routing engine receivesthe requests from a universal merchant platform.
 14. The method of claim10, wherein the plurality of redundant servers are directory servers forauthentication initiatives.
 15. The method of claim 10, wherein theranking information further includes historic information, next stepperformance information, and next step response information.
 16. Themethod of claim 10, wherein the ranking information includes next stepperformance information, wherein the next step performance informationincludes information pertaining to servers which the plurality ofredundant servers depend upon.
 17. A computer implemented method forsupporting authentication processing of a commercial transactionconducted over a communications network between a first party and asecond party, wherein the commercial transaction uses one of a pluralityof different payment instrument types belonging to different paymentnetworks, said plurality of different payment instrument types havingdifferent authentication protocols prescribed therefor by theirrespective payment networks, said method comprising: (a) obtainingpayment information from the first party according to a unified messageformat, wherein the first party received the payment information fromthe second party, wherein the payment information includes a paymentinstrument identifying the one of the plurality of different paymentinstrument types; (b) selecting one of at least one directory serverassociated with the one of the plurality of different payment instrumenttypes, wherein each of the at least one directory server is rankedaccording to an intelligent server selection engine that dynamicallyranks the at least one directory server according to rankinginformation, wherein the ranking information includes server performanceinformation and server response information, wherein the one of the atleast one directory server is a highest ranked directory server; (c)routing the payment instrument to the selected directory serveraccording to a message format of the one of the plurality of differentpayment instrument types, wherein the selected directory server routesthe payment instrument to an authentication server associated with thepayment instrument; and (d) obtaining an enrollment determination of thepayment instrument from the selected directory server, wherein theselected direct server receives the enrollment determination of thepayment instrument from the authentication server.
 18. The computerimplemented method of claim 17, further comprising: obtaining anauthentication determination from the authentication server, wherein thesecond party authenticates directly with the authentication server; andreturning the obtained authentication determination to the first partyusing the unified message format.
 19. The computer implemented method ofclaim 17, wherein the ranking information includes next step performanceinformation and next step response information, wherein the next stepperformance information and the next step response information includeinformation pertaining to the authentication server.
 20. The computerimplemented method of claim 17, wherein the intelligent server selectionengine periodically re-ranks the at least one directory server in randomorder.